I was lucky enough to get the reminder to K.I.S.S. on a recent engagement. While the latest TTPs can be very useful, it is important to keep "the basics" in mind.

ARP Poisoning Guide: https://www.tutorialspoint.com/ethical_hacking/ethical_hacking_arp_poisoning.htm
Ettercap: https://www.ettercap-project.org/
Bettercap: https://www.bettercap.org/
PCredz: https://github.com/lgandx/PCredz
SMB Encryption: https://docs.microsoft.com/en-us/windows-server/storage/file-server/smb-security
Detection of ARP Spoofing: https://www.comparitech.com/blog/vpn-privacy/arp-poisoning-spoofing-detect-prevent/
Show notes: https://seangoodwin.blog/sts001
Twitter: https://twitter.com/0xSeanG
iTunes: … Continue reading Episode 001: Keep It Simple [Sean]
Welcome to Stumbling Through Security. No real show notes yet, but thanks for checking this out. I am looking forward to seeing where this process takes me. Follow me on Twitter (https://twitter.com/0xSeanG) and/or subscribe to the podcast to keep up with future episodes. Show notes can be found at https://seangoodwin.blog/sts000.
I had a great day at BloomCon 0x04 - there were a lot of good talks, and the OSINT CTF brought a lot of fun between sessions. I was happy to share my ideas on building a successful security awareness program. My slides and additional resources can be found here.
Next up on the book review list is Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman.
Review

I enjoyed the layout of the book, especially through the lens of someone fairly "green" with Python. Each chapter outlines the project, walks you through planning what the project is trying to do, and then walks you through some sample code. There are also loads of references for further digging, so I highly recommend … Continue reading Book Review – Impractical Python Projects: Playful Programming Activities to Make You Smarter